Software Integrity Blog

Archive for the 'Agile, CI/CD & DevOps' Category

 

Synopsys adds GitHub Action for SAST and SCA

GitHub Actions brings the platform into the CI/CD market, making it simple to integrate SAST and SCA into workflows with the Synopsys Detect GitHub Action.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Software Composition Analysis (SCA), Static Analysis (SAST) | Comments Off on Synopsys adds GitHub Action for SAST and SCA

 

[Webinars] DevSecOps best practices, AppSec tools, and the year in open source

Learn more about DevSecOps best practices, application security tools and features, and key legal developments related to open source in 2019.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Application Security, Open Source Security, Webinars | Comments Off on [Webinars] DevSecOps best practices, AppSec tools, and the year in open source

 

Behshad Rejai on the past, present, and future of software development

With 36 years of experience, Behshad Rejai, VP of engineering in the Software Integrity Group, shares her views of the future of software development.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Application Security, Cloud Security, Featured, IoT Security | Comments Off on Behshad Rejai on the past, present, and future of software development

 

[Webinar] Static Analysis Security Testing (SAST) in CI/CD: Why and How

Learn how to add static application security testing (SAST) to your CI/CD workflows to constantly verify code changes and improve application integrity.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST), Webinars | Comments Off on [Webinar] Static Analysis Security Testing (SAST) in CI/CD: Why and How

 

Integrating Coverity Scan with GitLab CI

David Woodhouse at AWS, who maintains the open source OpenConnect VPN client, explains how he integrated Coverity Scan with GitLab CI.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Static Analysis (SAST) | Comments Off on Integrating Coverity Scan with GitLab CI

 

Report: Security and development teams need to ‘embrace’ new roles in DevSecOps

For sustainable, long-term application security, both developers and information security professionals must embrace their new roles created by DevSecOps.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Application Security | Comments Off on Report: Security and development teams need to ‘embrace’ new roles in DevSecOps

 

Ask the Experts: How has software security improved in the last few years?

For Thanksgiving, let’s talk about what we’re thankful for: the trends, processes, and technologies that have had a positive impact on software security.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Application Security, Cloud Security, Software Compliance, Quality & Standards | Comments Off on Ask the Experts: How has software security improved in the last few years?

 

[Webinars] CI/CD optimization and automated testing, open source audit reports

Learn how our CloudBees partnership helps users optimize CI/CD and automate AppSec Testing, and steps to take after you get an open source audit report.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Mergers & Acquisitions, Open Source Security, Webinars | Comments Off on [Webinars] CI/CD optimization and automated testing, open source audit reports

 

How DevOps security tools support modern applications

Modern application development organizations must integrate and automate DevOps security tools such as IAST into CI/CD pipelines to speed developers.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Interactive Application Security Testing (IAST) | Comments Off on How DevOps security tools support modern applications

 

CloudBees and Synopsys: Putting ‘Sec’ into DevSecOps

CloudBees Core users can add Synopsys AST offerings to their pipelines to boost their software security posture without slowing down application delivery.

Continue Reading...

Posted in Agile, CI/CD & DevOps | Comments Off on CloudBees and Synopsys: Putting ‘Sec’ into DevSecOps